This message was deleted.
# atlantis-communitys
Slackbot
03/27/2023, 9:12 AMThis message was deleted.
✅ 1
r
RB
03/27/2023, 1:14 PMTry sshing into Atlantis and run the commands on the pod/server and see if it works. If you can get it to work there, then you can copy the command to your yaml workflow
t
Tomas Mota
03/28/2023, 8:47 AMyeah that's what I meant, we ran the command inside the pod and it just worked. Not sure what you mean by copying it into the workflow, is it then still the "in-build" policy checking? Or am I just making the policy check myself by running a command?
r
RB
03/28/2023, 2:07 PMDid you run it as the same user as atlantis or root user?
RB
03/28/2023, 2:12 PMIf it helps, this is the line where conftest runs
https://github.com/runatlantis/atlantis/blob/617714034f533224102f4fa00948e4f5efadbc57/server/core/runtime/policy/conftest_client.go#L165
RB
03/28/2023, 2:14 PMWell actually this is probably more helpful.
https://www.runatlantis.io/docs/policy-checking.html#pulling-policies-from-a-remote-location
t
Tomas Mota
03/29/2023, 1:06 PMyeah that is exactly what I did. It seems like in order to use pulled policies you must have defined a policy set, even if it only has an empty policy? It does not seem to work if you just define the policy_check block as shown in the link.
Tomas Mota
03/29/2023, 1:06 PMIs that the expected behaviour?
r
RB
03/29/2023, 1:50 PMI'm unsure on expectations as i haven't played with this feature yet.
Atlantis should only be running the conftest command on your behalf. If you're running it manually and seeing a difference then perhaps you're running into a bug in the logic?
t
Tomas Mota
03/30/2023, 12:53 PMYeah, it's odd, but we got it working after adding a hardcoded rego file. Thanks for the input
👍 1